1. Symantec/
  2. Security Response/
  3. Trojan.Peacomm


Risk Level 2: Low

January 19, 2007
January 19, 2007 6:52:29 PM
Also Known As:
Small.DAM [F-Secure], CME-711 [Common Malware Enumeration], Troj/Dorf-Fam [Sophos], Downloader-BAI!M711 [McAfee], TROJ_SMALL.EDW [Trend], W32/Tibs [Norman], Troj/Dorf-J [Sophos], W32/Zhelatin.gen!eml [McAfee], Email-Worm.Win32.Zhelatin [Kaspersky],
Infection Length:
29,347 bytes; 30,720 bytes; 32,387 bytes; 34,816 bytes (varies)
Systems Affected:
Trojan.Peacomm is a Trojan horse that drops a driver program file to download another program. It is reportedly attached to spammed email. It may also be dropped by W32.Mixor.Q@mm.

Trojan.Peacomm may be dropped by W32.Mixor.Q@mm. It may also arrive as an attachment to a spammed email.

Currently, the characteristics of the email subject and attachment may include any of the following combinations from a growing list of possibilities:

One of the following:
  • 230 dead as storm batters Europe.
  • A killer at 11, he's free at 21 and kill again!
  • British Muslims Genocide
  • Chinese missile shot down Russian aircraft
  • Chinese missile shot down Russian satellite
  • Chinese missile shot down USA aircraft
  • Chinese missile shot down USA satellite
  • Did you open your ecard yet
  • Fidel Castro dead.
  • Naked teens attack home director.
  • New 2008 Year Ecard
  • New 2008 Year Greeting Card
  • New 2008 Year Postcard
  • New Year 2008 Ecard
  • New Year 2008 Greeting Card
  • New Year 2008 Postcard
  • New Year Postcard
  • New Year Postcard
  • Please open your ecard.
  • Radical Muslim drinking enemies's blood.
  • Re: Your text
  • Russian missile shot down Chinese aircraft
  • Russian missile shot down Chinese satellite
  • Russian missile shot down USA aircraft
  • Russian missile shot down USA satellite
  • Saddam Hussein alive!
  • Saddam Hussein safe and sound!
  • Someone is thinking of you! Open your ecard!
  • Someone just sent you a greeting!
  • Someone Just sent you an ecard!
  • This ecard is hillarious!
  • U.S. Secretary of State Condoleezza Rice has kicked German Chancellor Angela Merkel
  • Venezuelan leader: "Let's the War beginning".
  • We have a ecard greeting for you.
  • We have a ecard surprise!
  • We have a ecard surprise!
  • You have just received an ecard.
  • You have one new ecard waiting!
  • Your ecard greeting is available.
  • Your ecard joke is waiting
  • Your ecard joke is waiting!


One of the following:
  • ClickHere.exe
  • e-card.exe
  • familypostcards2008.com
  • FlashPostcard.exe
  • FlashPostcard.exe
  • Full Story.exe
  • FullClip.exe
  • FullNews.exe
  • FullVideo.exe
  • GreetingCard.exe
  • GreetingPostcard.exe
  • happycards2008.com
  • merrychristmasdude.com
  • MoreHere.exe
  • newyearcards2008.com
  • newyearwithlove.com
  • postcard.exe
  • Read More.exe
  • ReadMore.exe
  • uhavepostcard.com
  • Video.exe

Due to a substantial increase in activity, Symantec Security Response raised this threat to category 3 on January 22, 2007.

The Peacomm family of Trojans is also commonly known as the "Storm" Trojan.

Further reading:
To find out more about this threat, please read the following Symantec Security Response blog entries:

Antivirus Protection Dates

  • Initial Rapid Release version January 19, 2007
  • Latest Rapid Release version January 26, 2018 revision 004
  • Initial Daily Certified version January 19, 2007
  • Latest Daily Certified version January 26, 2018 revision 009
  • Initial Weekly Certified release date January 22, 2007
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.
Writeup By: Masaki Suenaga and Mircea Ciubotariu

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
2016 Internet Security Threat Report, Volume 21
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube